Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days

Microsoft's March 2025 Patch Tuesday includes six actively exploited zero-day vulnerabilities. Learn about the critical vulnerabilities and why immediate updates are essential.

Microsoft just dropped its March 2025 Patch Tuesday update, which includes 57 fixes though closer to 70 with third-party vulnerabilities included. The update addresses some critical security issues that require immediate attention, including the following six zero-day vulnerabilities that hackers are actively exploiting.

• CVE-2025-26633: A security hole in Microsoft Management Console that lets hackers bypass normal protections. They typically trick you into opening a specially designed file or website through email or messaging apps. Rated Important, with a danger score of 7.8 out of 10. “In an email or instant message attack scenario, the attacker could send the targeted user a specially crafted file that is designed to exploit the vulnerability,” explains Microsoft. “In any case an attacker would have no way to ...